The Industrial Internet Consortium recently announced the publication of the Data Protection Best Practices White Paper, as another collaborative step in establishing data security, privacy and trust enhancements across multiple devices, sensors, gateways, applications, clouds and systems being deployed in industrial settings.
Designed for stakeholders involved in cybersecurity, privacy and IIoT trustworthiness, the 33-page paper describes best practices, and covers multiple adjacent and overlapping data protection domains including data security, data integrity, data privacy, and data residency.
The white paper was published by the Security Applicability Task Group, authored by Bassam Zarkout (IGnPower), Niheer Patel (RTI), and Apurva Mohan (Schlumberger).
“Protecting IIoT data during the lifecycle of systems is one of the critical foundations of trustworthy systems,” said Bassam Zarkout, Executive Vice President, IGnPower and one of the paper’s authors. “To be trustworthy, a system and its characteristics, namely security, safety, reliability, resiliency and privacy, must operate in conformance with business and legal requirements. Data protection is a key enabler for compliance with these requirements, especially when facing environmental disturbances, human errors, system faults and attacks.”
Data protection is an umbrella term that covers adjacent and overlapping domains: data security, data integrity, and data privacy. Some security experts use ‘data protection’ interchangeably with ‘data security’, but according to the IIC, the new white paper extends data protection to cover other aspects, including integrity and privacy.
"The efforts of the Industrial Internet Consortium are perfectly timed, as it becomes increasingly important to address many issues associated with securing connected products and systems," said Alon Mantsur, CEO of DeviceTone, an IoT solutions company, and Co-Founder of Cybrella, a cyber security consulting firm. "With standards and attention to security from the edge to the core, from devices to gateways to servers, applications and the cloud, we can unlock substantial value without sacrificing safety, privacy and availability. Especially when it comes to mission critical systems, whether they are making our airports, schools, hospitals, cities and public venues safer, or are connecting the electrical grid, water infrastructure and communications networks, cyber security can no longer be an afterthought. We appreciate the work of the IIC, and especially the authors and contributors to this important white paper."
In a complex IIoT system, the data to be protected includes operational data, such as data from sensors at a field site; system and configuration data, such as data exchanged with an IoT device; personal data that identifies individuals; and audit data that chronologically records system activities.
Different data protection mechanisms and approaches may be needed for data at rest (data stored at various times during its lifecycle), data in motion (data being shared or transmitted from one location to another), or data in use (data being processed).
Data in motion refers to data being shared or transmitted from one location to another. Because networks are among the most vulnerable points in a system, the data should be protected while it is in motion. Network-level security using TLS is the most common method of protecting data in motion. Since TLS is point-to-point, the endpoints of the TLS channel must be trusted, and intermediate links avoided.
“Securing data-in-motion starts with authentication and authorization,” says Rick Conklin, CTO of Dispersive Networks. “The network must authenticate a device to ensure that the claimed identity is valid. Once authenticated, the device may only access the specific services or applications that the device is authorized to use,” clarifies Conklin. “A simple rule for IoT: don’t talk to strangers. A device should only talk to known and authenticated peers, accessing only known applications. That network connectivity must also ensure the integrity and confidentiality of the data using only NIST recommended cryptographic algorithms. Ideally, the SDN will separate the control plane and the data plane to ensure that key negotiation traverses a different path than the data of value. For mission critical applications, data of value should be split across multiple paths to improve reliability and performance while minimizing the risk of intercept. Furthermore, the software and applications running on each device should be signed to enable device attestation – which ensures that the device has not been infected with malware or other rogue applications.”
“Security is the cornerstone of data protection. Securing an IIoT infrastructure requires a rigorous in-depth security strategy that protects data in the cloud, over the internet, and on devices,” said Niheer Patel, Product Manager, Real-Time Innovations (RTI) and one of the paper’s authors. “It also requires a team approach from manufacturing, to development, to deployment and operation of both IoT devices and infrastructure. This white paper covers the best practices for various data security mechanisms, such as authenticated encryption, key management, root of trust, access control, and audit and monitoring.”
“Data integrity is crucial in maintaining physical equipment protection, preventing safety incidents, and enabling operations data analysis. Data integrity can be violated intentionally by malicious actors or unintentionally due to corruption during communication or storage. Data integrity assurance is enforced via security mechanisms such as cryptographic controls for detection and prevention of integrity violations,” said Apurva Mohan, Industrial IoT Security Lead, Schlumberger and one of the paper’s authors.
As a prime example of data privacy requirements, the paper focuses on the EU General Data Protection Regulation (GDPR), which grants data subjects a wide range of rights over their personal data. The paper describes how IIoT solutions can leverage data security best practices in key management, authentication and access control to empower GDPR-centric privacy processes.
Data at rest refers to data stored at various times during its lifecycle. Data at rest is vulnerable to manipulation, and its confidentiality, integrity and availability (CIA) must be protected, the paper states. Data encryption and replication are the most common techniques used to ensure CIA protection for data at rest.
“We applaud efforts to establish best security practices for the IoT industry. As the growth of Internet connected devices continues, the industry must adopt common methodologies for establishing digital identities of devices and the authentication and securing of information that they generate,” says Michael Hathaway, CEO of IronBridge Enterprise. “In addition, we see some derivative of distributed ledger technology playing an important role in the authentication of device identities ensuring data integrity in the increasingly distributed and complex IoT landscape.”
Data in use refers to the data that is being processed. When data is in use, if it is sent from memory to the processor unencrypted, it could be vulnerable to attacks. Data transformation, access control and secure memory are some of the ways to protect data in use.
Ultimately, the white paper says the first step to data protection is to prohibit unauthorized access. This is done by implementing a secure authorization system and using it to enforce access control, guided by security policies composed from organizational policies, domain security requirements, legal requirements and others.
The security policy defines the roles that can access each category of data. It also specifies the security controls to be put in place to protect each category of data from unauthorized access.
Data integrity refers to maintaining the accuracy and validity of data throughout its lifecycle, ensuring that it is not altered or destroyed in an unauthorized manner. In industrial environments, data integrity and system integrity are closely related, as manipulation of industrial systems and communication channels can directly result in a loss of data integrity.
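The following added example (not taken from the white paper or the IIC) shows one cryptographic control for detecting alteration or destruction of chronologically ordered audit data: each record carries an HMAC that also covers the previous record's tag. The record fields, the key and the all-zero starting value are constructed assumptions; in practice the key and the latest head tag are held apart from the system that stores the log.

```python
import hashlib
import hmac
import json

GENESIS = b"\x00" * 32  # assumed fixed starting value for the chain

# Constructed sample audit records (not taken from the white paper).
SAMPLE = [
    {"seq": 1, "actor": "operator-7", "event": "setpoint_change", "value": 72.5},
    {"seq": 2, "actor": "gateway-3", "event": "config_push", "value": "v1.4"},
    {"seq": 3, "actor": "operator-7", "event": "alarm_ack", "value": "A-113"},
]

def chain_tag(key, prev_tag, record):
    # Canonical JSON so identical records always serialize to identical bytes.
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev_tag + body, hashlib.sha256).digest()

def append(key, log, record):
    """Append a record bound to its predecessor and return the new head tag."""
    prev = bytes.fromhex(log[-1]["tag"]) if log else GENESIS
    tag = chain_tag(key, prev, record)
    log.append({"record": record, "tag": tag.hex()})
    return tag

def verify(key, log, head):
    """Return -1 if intact, else the index of the first entry that fails.
    len(log) means every entry checks out but the tail was cut off."""
    prev = GENESIS
    for i, entry in enumerate(log):
        expected = chain_tag(key, prev, entry["record"])
        stored = bytes.fromhex(entry["tag"])
        if not hmac.compare_digest(expected, stored):
            return i
        prev = stored
    return -1 if hmac.compare_digest(prev, head) else len(log)

def build_sample(key=b"constructed-demo-key"):
    """Build the sample log; the head tag must be stored apart from the log."""
    log, head = [], GENESIS
    for record in SAMPLE:
        head = append(key, log, dict(record))
    return key, log, head

if __name__ == "__main__":
    key, log, head = build_sample()
    print("intact:", verify(key, log, head))
    log[1]["record"]["value"] = "v0.9"  # unauthorized alteration
    print("first bad entry:", verify(key, log, head))
```

Because each tag depends on the one before it, removing or reordering entries breaks verification at the point of the change, and comparing against the separately stored head tag catches entries dropped from the end.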
Securing an IoT infrastructure requires a rigorous security-in-depth strategy that, according to the white paper:
• secures data in the cloud,
• protects data integrity while in transit over the public internet and
• securely provisions devices.
The security-in-depth strategy should be developed and executed with active participation of various players involved with the manufacturing, development and deployment of IoT devices and infrastructure.
The Security Applicability Task Group, co-chaired by Ron Zahavi (Microsoft) and James Clardy (NetFoundry), which is a subgroup of the Security Working Group co-chaired by Sven Schrecker (LHP Engineering Solutions) and Jesus Molina (Waterfall Security Solutions), also contributed.
“The integrity of the cyber-physical infrastructure is absolutely critical,” says Don DeLoach, Co-Founder and CEO of Rocket Wagon Venture Studios. “It is becoming clear that no single solution or approach offers a silver bullet, and organizations are increasingly implementing layered security models to more effectively address cyber-security. This will surely continue. It is great to see organizations like the IIC taking a strong stance for ensuring industry-wide strategies and best practices for security. Without the trust levels created by such efforts, all other advances stand to be undermined.”
The Industrial Internet Consortium is the world’s leading membership program transforming business and society by accelerating the Industrial Internet of Things (IIoT). The IIC delivers a trustworthy IIoT in which the world’s systems and devices are securely connected and controlled to deliver transformational outcomes. The Industrial Internet Consortium is a program of the Object Management Group (OMG). For more information, visit www.iiconsortium.org.
Arti Loftus is an experienced Information Technology specialist with a demonstrated history of working in the research, writing, and editing industry with many published articles under her belt.